Download Malwarebytes' Anti-Malware from [You must be registered and logged in to see this link.]

Double Click mbam-setup.exe to install the application.

Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.

If an update is found, it will download and install the latest version.

Once the program has loaded, select "Perform Quick Scan", then click Scan.

The scan may take some time to finish,so please be patient.

When the scan is complete, click OK, then Show Results to view the results.

Make sure that everything is checked, and click Remove Selected.

When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Note)

The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.

Note:If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.Click OK to either and let MBAM proceed with the disinfection process.If asked to restart the computer, please do so immediately.

1. Please download The Avenger by Swandog46 to your DesktopLink: [You must be registered and logged in to see this link.]

Click on Avenger.zip to open the file

Extract avenger.exe to your desktop

2. Copy all the text contained in the code box below to your Clipboard by highlighting it and pressing (Ctrl+C

Drivers to disable:BtwSrvfastnetsrvndisdrvwinstsvylxbxpz

Drivers to delete:BtwSrvfastnetsrvndisdrvwinstsvylxbxpz

Files to delete:c:\windows\system32\drivers\uuoxdt.sysC:\dens.exec:\windows\system32\ALDQLJ.exeC:\siuhb.exeC:\enhs.exeC:\waees.exeC:\utpo.exeC:\acad.exec:\windows\duxc8820.exec:\windows\eocwu3617.exec:\windows\bukp56323.exec:\windows\system32\jmmgu.exec:\windows\system32\lbwhw.exec:\windows\cnjug.exec:\windows\system32\pumotozi.dllc:\windows\system32\yasazaki.dll

Folders to delete:c:\users\lori\appdata\roaming\FrostWirec:\programdata\numitopic:\programdata\hopagatuc:\programdata\bepepono

Note: the above code was created specifically for this user. If you are not this user, do NOT follow these directions as they could damage the workings of your system.

3. Now, start The Avenger program by clicking on its icon on your desktop.

Under "Input script here:", paste in the script from the quote box above.

Leave the ticked box "Scan for rootkit" ticked.

Then tick "Disable any rootkits found"

Now click on the Execute to begin execution of the script.

Answer "Yes" twice when prompted.

The Avenger will automatically do the following:

It will Restart your computer.

On reboot, it will briefly open a black command window on your desktop, this is normal.

After the restart, it creates a log file that should open with the results of Avenger’s actions. This log file will be located at C:\avenger.txt

The Avenger will also have backed up all the files, etc., that you asked it to delete, and will have zipped them and moved the zip archives to C:\avenger\backup.zip.

Ok, I tried to run GMER twice. First in regular mode and after it started to scan it unexpectedly halted. I ended up with the blue screen of death. I restarted in Safe Mode and tried to run it again. Again it halted. I tried to start it again and I got the blue screen of death.

I can't run Gmer. I've deleted the copy on my desktop and redownloaded it several times. I've tried in regular mode and in Safe Mode. Everytime I start Gmer, I get the same warning message as the first time... I click "no" like you said. Then I click the arrow to the right and scan, like you said. It gets going for a couple of minutes and then the program stops unexpectedly and will not resume. I can only close it then.

First of all, that patched system file isn't helping, and one of those services we had the avenger get rid of, has backdoor capabilities. A backdoor gives intruders complete control of your computer, logs your keystrokes, steal personal information, etc.

You are strongly advised to do the following:

Disconnect the computer from the Internet and from any networked computers until it is cleaned.

Back up all your important data except programs. The programs can be reinstalled back from the original disc or from the Net.

Call all your banks, financial institutions, credit card companies and inform them that you may be a victim of identity theft and put a watch on your accounts. If you don't mind the hassle, change all your account numbers.

From a clean computer, change all your passwords (ISP login password, your email address(es) passwords, financial accounts, PayPal, eBay, Amazon, online groups and forums and any other online activities you carry out which require a username and password).

Do NOT change your passwords from this computer as the attacker will be able to get all the new passwords and transaction records.

Due to its backdoor functionality, your computer is very likely to have been compromised and there is no way that it can be trusted again. Many experts in the security community believe that once infected with this type of Trojan, the best course of action would be to do a reformat and reinstallation of the operating system (OS).

Problem with these infections nowadays is, it causes a lot of damage. Even if we clean the malware off your system, I can't guarantee that your system will be clean afterwards, because these infections/bundles leave a lot of leftovers behind that most scanners won't even recognise and logs won't show.Also, I can't promise you we can repair all the damage it caused... Even after cleaning the malware, you can still get errors afterwards because of the damage.

First, thank you very much for the time you've taken trying to help me sort this out. I really appreciate your last post. Although it's rather scary, it's good to know and I'll do exactly what you said. I do have a few questions though.

Should I worry much that the other two computers that are on this wireless network I have at home might have been infected by my laptop? Should I run any of your nifty programs on my desktop to make sure it's not infected by the same thing passed on by the laptop through the wireless network?

Are you pretty sure a format will really wipe it all out? This same laptop had major virus/trojan issues about 6 months ago and my restore CD from Toshiba didn't get rid of it. Even though I chose the format option. I ended up getting a new hard drive.

Can you tell me the best way to format? I don't trust to do it only by using the restore cd now, since that didn't get rid of it all the last time. Is it just "Fomat C:" ? Or are there any other paremeters, values, etc., that I need to include with that?

Lastly, I think I'm finally done with this Free Anti-virus crap. I'd like to get the best anti-virus protection I can now, and that means I'm going to stop beinga cheapskate and buy it. Can you tell me, in your opinion, what you think is the best anti-virus program to get? (Regardless of price) I've heard some say nod32. I've never used that before, I've only used Norton in the past. What would you recommend?

That's it for now. Thanks again so very much for all your time and help. It is very much appreciated.

P.S. I'm not very confident in the reovery cd since earlier this year after using it, then taking the laptop to a shop since it didn't load all the software right, I found out there still was some hȋdden start-up virus like program on the system.

So, if I do end up having to use my Toshiba Rocovery CD to do my format, is there some program you have here that we can fun afterwards to make sure all of the nasty trojans are gone?

I finally got to formatting my hard drive using the Toshiba System Restore CD's and just got that done tonight.

Do you have any nifty instructions for me that I could do to make sure there's nothing still lurking on my system, or in a startup file hȋdden? I'm not a computer whiz and I'd hate to think that maybe I didn't wipe everything as well as I should have, and trouble was still on the laptop.

Below I have included a number of recommendations for how to protect your computer in order to prevent future malware infections. Please take these recommendations seriously; these few simple steps can stave off the vast majority of spyware problems. As happy as we are to help you, for your sake we would rather not have repeat customers.

1) Please navigate to [You must be registered and logged in to see this link.] and download all the "critical updates" for Windows. This can patch many of the security holes through which attackers can gain access to your computer.

Please either enable Automatic Updates under Start -> Control Panel -> Automatic Updates , or get into the habit of checking for Windows updates regularly. I cannot stress enough how important this is.

2) In order to protect yourself against spyware, you should consider installing and running the following free programs:

[You must be registered and logged in to see this link.]A tutorial on using Ad-Aware to remove spyware from your computer may be found [You must be registered and logged in to see this link.].

[You must be registered and logged in to see this link.]A tutorial on using Spybot to remove spyware from your computer may be found [You must be registered and logged in to see this link.]. Please also remember to enable Spybot's "Immunize" and "TeaTimer" features.

[You must be registered and logged in to see this link.]A tutorial on using SpywareBlaster to prevent spyware from ever installing on your computer may be found [You must be registered and logged in to see this link.].

[You must be registered and logged in to see this link.]A tutorial on using SpywareGuard for realtime protection against spyware and hijackers may be found [You must be registered and logged in to see this link.].

Make sure to keep these programs up-to-date and to run them regularly, as this can prevent a great deal of spyware hassle.

3) Please consider using an alternate browser. Mozilla's Firefox browser is fantastic; it is much more secure than Internet Explorer, immune to almost all known browser hijackers, and also has the best built-in popup blocker (as an added benefit!) that I have ever seen. If you are interested, Firefox may be downloaded from here:[You must be registered and logged in to see this link.]I also recommand the following add-ons for Firefox, they will help keep you safe from malicious scripts or activeX exploits.[You must be registered and logged in to see this link.][You must be registered and logged in to see this link.][You must be registered and logged in to see this link.]

4) Also make sure to run your antivirus software regularly, and to keep it up-to-date.

To help you keep your software updated, please considering using this free software program that will check for program updates.[You must be registered and logged in to see this link.]

5) Finally, consider maintaining a firewall. Some good free firewalls are [You must be registered and logged in to see this link.], or[You must be registered and logged in to see this link.]A tutorial on understanding and using firewalls may be found [You must be registered and logged in to see this link.].

Please also read Tony Klein's excellent article: [You must be registered and logged in to see this link.]

If you would take a moment to fill out our feedback form, we would appreciate it.The link can be found [You must be registered and logged in to see this link.].